Your message dated Fri, 26 Feb 2010 10:16:43 +0100
with message-id <[email protected]>
and subject line Re: [debian-mysql] Bug#571307: mysql-server: security update
changes dabian-sys-maint access rights
has caused the Debian Bug report #571307,
regarding mysql-server: security update changes dabian-sys-maint access rights
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
571307: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571307
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: mysql-server
Version: 5.0.51a-24+lenny3
Severity: important
We use the debian-sys-maint account for maintenance tasks, e.g. the daily
database backup. Therefore this MySQL user needs sufficient access rights,
which we have manually granted.
Installing a security update removes the additional access rights inhibiting
the database backup.
After each security fix we need to manually repair this. Automatic
installation of security fixes has become unthinkable, because it reliably
breaks our systems.
Best regards,
Erik Auerswald
-- System Information:
Debian Release: 5.0.4
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages mysql-server depends on:
ii mysql-server-5.0 5.0.51a-24+lenny3 MySQL database server binaries
mysql-server recommends no packages.
mysql-server suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Am Donnerstag, den 25.02.2010, 10:39 +0100 schrieb José Luis Tallón:
> Erik Auerswald wrote:
> > Installing a security update removes the additional access rights inhibiting
> > the database backup.
>
> If the rights are enough for both mysql-server's and dbcommon-depending
> packages, it isn't a bug. Or is it ?
I fully agree with you, this is not a bug.
> > After each security fix we need to manually repair this. Automatic
> > installation of security fixes has become unthinkable, because it reliably
> > breaks our systems.
>
> My suggestion is to create another, dedicated, user for this purpose.
Much better indeed.
Norbert
--- End Message ---
